• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Contact Sales
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Why Us
    • Why Cisco Umbrella
      • Why Try Umbrella
      • Why DNS Security
      • Why Umbrella SASE
      • Our Customers
      • Customer Stories
      • Why Cisco Secure
    • Fast Reliable Cloud
      • Global Cloud Architecture
      • Cloud Network Status
      • Global Cloud Network Activity
    • Unmatched Intelligence
      • A New Approach to Cybersecurity
      • Interactive Intelligence
      • Cyber Attack Prevention
      • Umbrella and Cisco Talos Threat Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco Umbrella and SecureX
  • Products
    • Cisco Umbrella Products
      • Cisco Umbrella Cloud Security Service
      • Recursive DNS Services
      • Cisco Umbrella SIG
      • Umbrella Investigate
      • What’s New
    • Product Packages
      • Cisco Umbrella Package Comparison
      • – DNS Security Essentials Package
      • – DNS Security Advantage Package
      • – SIG Essentials Package
      • – SIG Advantage Package
      • Umbrella Support Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Cloud Data Loss Prevention (DLP)
      • Cloud-Delivered Firewall
      • Cloud Malware Protection
      • Remote Browser Isolation (RBI)
    • Man on a laptop with headphones on. He is attending a Cisco Umbrella Live Demo
  • Solutions
    • SASE & SSE Solutions
      • Cisco Umbrella SASE
      • Secure Access Service Edge (SASE)
      • What is SASE
      • What is Security Service Edge (SSE)
    • Functionality Solutions
      • Web Content Filtering
      • Secure Direct Internet Access
      • Shadow IT Discovery & App Blocking
      • Fast Incident Response
      • Unified Threat Management
      • Protect Mobile Users
      • Securing Remote and Roaming Users
    • Network Solutions
      • Guest Wi-Fi Security
      • SD-WAN Security
      • Off-Network Endpoint Security
    • Industry Solutions
      • Government and Public Sector Cybersecurity
      • Financial Services Security
      • Cybersecurity for Manufacturing
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
  • Resources
    • Content Library
      • Top Resources
      • Cybersecurity Webinars
      • Events
      • Research Reports
      • Case Studies
      • Videos
      • Datasheets
      • eBooks
      • Solution Briefs
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • Security Definitions
      • What is Secure Access Service Edge (SASE)
      • What is Security Service Edge (SSE)
      • What is a Cloud Access Security Broker (CASB)
      • Cyber Threat Categories and Definitions
    • For Customers
      • Support
      • Customer Success Webinars
      • Cisco Umbrella Studio
  • Trends & Threats
    • Market Trends
      • Hybrid Workforce
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
    • Security Threats
      • How to Stop Phishing Attacks
      • Malware Detection and Protection
      • Ransomware is on the Rise
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
      • Global Cyber Threat Intelligence
    •  
    • Woman connecting confidently to any device anywhere
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Person looking down at laptop. They are connecting and working securely
  • Blog
    • News & Product Posts
      • Latest Posts
      • Products & Services
      • Customer Focus
      • Feature Spotlight
    • Cybersecurity Posts
      • Security
      • Threats
      • Cybersecurity Threat Spotlight
      • Research
    •  
    • Register for a webinar - with illustration of connecting securely to the cloud
  • Contact Us
  • Umbrella Login
  • Cloudlock Login
  • Free Trial
Security

The Role of SASE in Security and Network Management

Author avatar of Chloe WhitakerChloe Whitaker
Updated — February 27, 2023 • 4 minute read
View blog >

Secure Access Service Edge (SASE) has become the new standard for securing connections to business-critical applications and other digital assets. An effective SASE implementation depends on performance, architecture, and support (among other factors) for hybrid and multi-cloud environments. In this post, IT Central Station members who use Cisco Umbrella and Cisco SD-WAN explain the importance of these factors – along with the functioning of core SASE elements like CASB – in using SASE for security and network management.

Graphic showing how the SASE model combines Security-as-a-Service solutions (like CASB, DNS security, SWG, and L7 firewall) and Network-as-a-Service solutions (like SD-WAN and ZTNA).

Architecture and Performance

SASE combines networking and security, so architecture is an important consideration for system owners. That’s the view of the head of IT operations at a small tech services company who uses Cisco SD-WAN. He said, “In a software-defined network architecture, it heals itself and the management of the solution is very easy.” In addition, a senior global product manager at a large comms service provider characterized Cisco SD-WAN as a global scale solution that provides an open architecture design with good technical support.

Eliot R., an executive vice president of operations and IT who uses Cisco SD-WAN at Sterling National Bank, cited cost savings of 80% and a performance boost of 400% as his reasons for providing such a positive review. A consultancy’s managing partner further noted that, “Cisco is absolutely cutting-edge in terms of robustness on the capability of the network to be very stable with very low delay. It is rock-solid and very stable with respect to delivering top-performance networking functions.”

CASB

A cloud access security broker (CASB) protects corporate data that sits in cloud-based applications. To work well in a SASE setting, a CASB needs good app discovery, visibility, and control capabilities. A system engineer at a small tech services company found this to be the case with the CASB features available in Cisco Umbrella. He explained, “The solution’s application control and application traffic steering tool are its most valuable aspects in terms of how we utilize the product. The solution allows organizations to have visibility into the application traffic.”

He added that, “after implementing the solution, we can see what types of traffic we have. We can see how users are using the internet and will be able to tell if anyone is downloading something that they shouldn’t be or if they are consuming a lot of data.” This latter comment reflects the need for CASB to help with data loss prevention strategies, which is part of the SASE reference architecture for Network-as-a-Service.

DNS Security

SASE incorporates domain name server (DNS) security to mitigate this risk of layer attacks. A security engineering senior manager at a large retailer talked about this issue, saying that Cisco Umbrella “has fixed the gap in our DNS protection.” They use the solution for DNS and IP reputation.

A network operations center (NOC) lead who uses Cisco Umbrella at a small tech services company similarly remarked, “The most valuable feature is the DNS security. It is used to watch all the traffic which we are routing through the endpoint and organization firewalls.” In this case, internet requests from all users and devices are routed through DNS security, which scans each and every request. It notifies the team if it is not safe and allows those that are. He added, “It is like an alarm center application near our firewall.”

Firewall-as-a-Service (FWaaS)

The FWaaS model offers a solution for the protection of traffic and digital assets located in many new places. For instance, a technical presales consultant at a computer software company explained, “A customer would create a tunnel between their on-prem firewall to the Cisco Umbrella cloud. This would make it so that all the traffic is filtered by the Umbrella Firewall-as-a-Service.”

Or, as Syed Ali W., a media company senior network and security consultant, put it, “If you have this solution you don’t need a big firewall. Because it’s a cloud-based solution, you can access this over the cloud anywhere in the world. You don’t need to build a big infrastructure. It will give you more return on investment.”

SD-WAN

SD-WAN allows organizations to provision secure, flexible networking to people and devices that are spread out geographically. Shah J., a network security associate who uses Cisco SD-WAN at a small software company, deals with this reality frequently. He shared that he recommends Cisco SD-WAN for clients who have multiple locations and want to have a centralized management view of all activity. He observed that, “every architecture is moving toward the cloud. Centralized management makes accessibility easier for one person.”

Eliot R. described Cisco SD-WAN as a solution for integrating services to enhance up-time and performance and lower costs, while the consultancy’s managing partner added that, with the Cisco SD-WAN, “There is very minimal delay in the network. In terms of performance, it’s absolutely best of breed, and world-class. There is no discussion about that.”

Want to Learn More About the Real-World Value Cisco Umbrella Offers?

IT Central Station collects thousands of reviews from professionals across the technology industry. These reviews offer honest evaluations of today’s most popular IT solutions, including Cisco Umbrella and Cisco SD-WAN.

What’s more, the IT Central Station team aggregated these reviews into the Peer Paper “SASE With Savvy: The Keys to an Effective Secure Access Service Edge Solution.” This paper offers more valuable insights on what IT professionals look for in a SASE solution, and how Cisco Umbrella or Cisco SD-WAN meets those needs. Download the Peer Paper to start your journey towards SASE today!

An effective SASE implementation depends on performance, architecture, and support (among other factors) for hybrid and multi-cloud environments.

Tweet this quote

Additional Resources

  • Report: SASE With Savvy: The Keys to an Effective Secure Access Service Edge Solution

Suggested Blogs

  • Cisco Umbrella Delivered Better Cybersecurity and 231% ROI February 21, 2023 2 minute read
  • Cisco Listed as a Representative Vendor in Gartner® Market Guide for Single-Vendor SASE January 26, 2023 3 minute read
  • How to Evaluate SSE Vendors: Questions to Ask, Pitfalls to Avoid June 23, 2022 5 minute read

Share this blog

FacebookTweetLinkedIn

Follow Us

  • Twitter
  • Facebook
  • LinkedIn
  • YouTube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Global Cloud Architecture
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Umbrella
  • Cisco Umbrella Blog

Learn more

  • Webinars
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2023 Cisco Umbrella